|
265841
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector.
|
CWE-20
Improper Input Validation
|
CVE-2016-7958
|
2024-11-21 11:58 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265842
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a s…
|
CWE-20
Improper Input Validation
|
CVE-2016-7957
|
2024-11-21 11:58 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265843
|
9.8 |
CRITICAL
Network
|
trendmicro
|
threat_discovery_appliance
|
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can…
|
CWE-22
Path Traversal
|
CVE-2016-7552
|
2024-11-21 11:58 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265844
|
9.8 |
CRITICAL
Network
|
trendmicro
|
threat_discovery_appliance
|
A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface.
|
CWE-361
7PK - Time and State
|
CVE-2016-7547
|
2024-11-21 11:58 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265845
|
5.3 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
|
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic …
|
CWE-20
Improper Input Validation
|
CVE-2016-7467
|
2024-11-21 11:58 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265846
|
8.8 |
HIGH
Network
|
sophos
|
cyberoam_cr25ing_utm_firmware
|
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-7786
|
2024-11-21 11:58 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265847
|
6.8 |
MEDIUM
Physics
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover…
|
CWE-310
Cryptographic Issues
|
CVE-2016-7585
|
2024-11-21 11:58 |
2017-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265848
|
7.3 |
HIGH
Local
|
mcafee
|
anti-malware_scan_engine
|
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file.
|
CWE-284
Improper Access Control
|
CVE-2016-8032
|
2024-11-21 11:58 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265849
|
4.9 |
MEDIUM
Network
|
fortinet
|
fortios
|
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) s…
|
CWE-200
Information Exposure
|
CVE-2016-7542
|
2024-11-21 11:58 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265850
|
5.9 |
MEDIUM
Network
|
fortinet
|
fortios
|
Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode.…
|
CWE-254
7PK - Security Features
|
CVE-2016-7541
|
2024-11-21 11:58 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
